Today, reading a blog, I clicked on a link that took me to an answer on Quora.com, which is a site that I can’t recall ever visiting although it’s possible that I may have hit it using Stumble Upon or something similar in the past. My CyberGhost VPN was active. I scrolled down to the bottom of the page and there was my name and an invitation to submit further details. How could this be? I’m most concerned. I did not submit any information to this site during this session. How could it have identified me if I was using a VPN?
The fact the you’re using a VPN has almost nothing to do with this. A VPN protects your connection from the prying eyes of people between you and the VPN service, but that’s about it.
A couple of other things are going on here.
Become a Patron of Ask Leo! and go ad-free!
If you may have visited this site in the past but simply don’t remember, it could be as simple as cookies that were left behind by your prior visit. That’s pretty much what cookies are for: remembering things between visits to the same website.
Now, this has nothing to do with your VPN or how you’re connected to the internet. It’s all about the information that site saves on your computer.
Another increasingly common scenario is actually surprisingly simple. Were you logged into Facebook at the time? Many sites use Facebook as their commenting system provider. Thus, what you may have seen was your information being displayed by Facebook on the website page you were visiting.
Generally, the website doesn’t get the details of who you are. That’s encapsulated by Facebook, but it’s still possible that they do. Anyway, it’s usually pretty simple to see if this is the case. There will typically be a Facebook icon nearby your name or the other information that you recognize as your own.
Now, taking a quick look at Quora, I noticed that they also encourage people to login using Google in addition to Facebook, so it’s possible that this functionality, showing who you are, is being provided by Google.
Even if you’re not logged into Quora using Google or Facebook, that information about who you are could still be provided if you happen to be logged into them in some other window (like looking at your Google mail or being logged into your Facebook account.)
There are even other third parties; for example a service called Disqus that is targeted to provide exactly the same kind of service. They provide commenting services for websites. If you log in to comment on one website using Disqus, it’s possible that your login or information is remembered if you go to another website that just happens to use the same commenting system. And it’s very possible that they can happen even if you’ve never visited this second site ever before.